Privacy Policy

This Privacy Policy informs you about the personal data we process in connection with our activities and services, in particular on our websites enblex.com and enblex.ch. We explain why, how, and where we process data and what rights data subjects have.

Additional or separate privacy policies, terms and conditions (T&Cs), or other legal documents may apply to specific activities.

We are subject to Swiss data protection law (revDSG, in force since 01.09.2023) as well as, where applicable, foreign data protection legislation, in particular the EU General Data Protection Regulation (GDPR). The European Commission has determined that Swiss data protection law generally ensures an adequate level of data protection.

1. Contact details

The controller responsible for data processing is:

Enblex GmbH
Neudorfstrasse 7
CH-6312 Steinhausen
Email: info@enblex.com

Other controllers may be designated in individual cases.

2. Definitions and legal bases

2.1 Definitions
Personal data means any information relating to an identified or identifiable natural person. A data subject is a person whose data we process.
Processing means any handling of personal data, such as collection, storage, modification, transfer, or deletion.
The European Economic Area (EEA) includes all EU Member States as well as Liechtenstein, Iceland, and Norway.

2.2 Legal bases
We process personal data exclusively based on the legal grounds of Swiss data protection law (revDSG) and, where applicable, the GDPR, in particular:

Article 6(1)(a) GDPR — Consent of the data subject
Article 6(1)(b) GDPR — Performance of a contract or pre-contractual measures
Article 6(1)(c) GDPR — Legal obligations
Article 6(1)(d) GDPR — Protection of vital interests
Article 6(1)(e) GDPR — Tasks carried out in the public interest
Article 6(1)(f) GDPR — Legitimate interests unless overridden by the rights of the data subject

3. Types, scope, and purposes of data processing
We process data necessary to provide our services reliably, securely, and in a user-friendly manner. This includes, among others, contact data, contractual data, technical data about website use (browser type, IP address, devices), payment data, among others.
Data is retained only as long as needed for the respective purpose or as required by law. Data no longer needed is deleted or anonymized.
We engage processors (e.g., hosting or technical service providers) and third parties such as specialized providers in data processing and ensure they comply with applicable data protection standards.

4. Communication and data transfers
We process contact details provided via contact forms, emails, or postal correspondence to communicate with you. Third parties transmitting data to us must comply with data protection obligations.

5. Data security
We implement appropriate technical and organizational measures to safeguard data against unauthorized access, loss, misuse, or destruction.
Data transmitted on our websites is encrypted via HTTPS (TLS).
Notwithstanding our security measures, digital communication may be subject to surveillance by authorities in various countries, over which we have no influence.

6. Data processing outside Switzerland and the EEA
Personal data may be processed in countries outside Switzerland and the EEA, for example by third-party providers such as Google and LinkedIn in the USA.
In such cases, we ensure adequate safeguards, particularly through the EU-US Data Privacy Framework (DPF) and the Standard Contractual Clauses (SCCs) approved by the European Commission.

7. Rights of data subjects
Data subjects have the following rights:

Access to their personal data and processing activities
Rectification of inaccurate or incomplete data
Erasure of data, insofar as retention obligations do not apply
Restriction of processing
Objection to processing
Data portability

Exceptions may apply, e.g., due to trade secrets or legal requirements.
To exercise these rights, please contact us using the details above. We may require identification to prevent misuse.
Data subjects also have the right to lodge a complaint with the Swiss supervisory authority (Federal Data Protection and Information Commissioner, FDPIC) or a competent EU data protection authority.

8. Use of the website

8.1 Cookies
We use cookies for functionality, analytics, and marketing purposes. Cookies may be session-based or persistent.
Where required by law, we obtain explicit consent via a consent banner (e.g., for Google Analytics or marketing tools when addressing EU visitors).
Cookies can be deleted or restricted at any time via browser settings, which may reduce website functionality.
Note: No cookies or comparable tracking technologies are used without explicit consent (for EU visitors).

8.2 Logging and log files
We log technical data such as IP address, date, time, and browser information to ensure website functionality and security.

8.3 Web beacons
We may use small invisible graphics (web beacons) for statistical analysis and tracking.

9. Social media
We maintain a presence on platforms such as LinkedIn to communicate publicly.
If logged into LinkedIn, your visit to our website may be associated with your LinkedIn user account.
The privacy policies of these platform providers also apply.

10. Third-party services

10.1 Google services
We use services like Google Maps, Google Analytics, and Google Tag Manager, which may involve the transfer of data to Google servers in the USA.
Google relies on the Data Privacy Framework (EU/USA) and the European Commission’s Standard Contractual Clauses.
Users can object to data collection through Google services, e.g., via browser add-ons or opt-out options.

10.2 Digital infrastructure
We use hosting and storage providers such as Infomaniak Network AG (Switzerland), which complies with Swiss data protection standards.

10.3 Social media functions
We integrate features and content from platforms such as LinkedIn, which may transmit personal data governed by those platforms’ privacy policies.

11. Analytics and reach measurement
We analyze website usage to fix errors and optimize content. IP addresses and user profiles are processed only in pseudonymized form.

12. Final provisions
We may update this Privacy Policy at any time without prior notice. The version published on our website is the valid version.

Enblex GmbH, September 2025

Name:	CraftSessionId
Description:	Craft relies on PHP sessions to maintain sessions across web requests. That is done via the PHP session cookie. Craft names that cookie “CraftSessionId” by default, but it can be renamed via the phpSessionId config setting. This cookie will expire as soon as the session expires.
Provider:	this site
Expiry:	Session

Name:	CRAFT_CSRF_TOKEN
Description:	Protects us and you as a user against Cross-Site Request Forgery attacks.
Provider:	this site
Expiry:	Session

Name:	enblex-cookie-consent
Description:	Remembers your cookie settings.
Provider:	this site
Expiry:	1 year

This website uses cookies

This website uses cookies

Privacy Policy